[VIM] First CVE of 2009 :)

Steven M. Christey coley at linus.mitre.org
Wed Jan 7 18:43:26 UTC 2009


here's the first "real" CVE of 2009.  btw I'm not always comfortable with
vague pre-announcements in CVE but as we all know the vuln information
world is not perfect :)


======================================================
Name: CVE-2009-0066
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0066
Reference: MISC:http://blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Wojtczuk
Reference: MISC:http://invisiblethingslab.com/press/itl-press-2009-01.pdf
Reference: MISC:http://theinvisiblethings.blogspot.com/2009/01/attacking-intel-trusted-execution.html
Reference: BID:33119
Reference: URL:http://www.securityfocus.com/bid/33119

Multiple unspecified vulnerabilities in Intel system software for
Trusted Execution Technology (TXT) allow attackers to bypass intended
loader integrity protections, as demonstrated by exploitation of
tboot.  NOTE: as of 20090107, the only disclosure is a vague
pre-advisory with no actionable information. However, because it is
from a well-known researcher, it is being assigned a CVE identifier
for tracking purposes.




More information about the VIM mailing list